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DETAILED ACTION 

• Applicant's submission of RCE filed on 09/15/2008 has been entered. Applicant 
has amended claims 1, 2, 6-8, 10, 12, 14, 17, 23 and 26; canceled claims 3-5, 
15,16, and 28 and added claims 31 -34. Currently claims 1 , 2, 6-1 4, 1 7-27 and 
29-34 are pending in this application. 

Response to Arguments 

1 . Applicant's arguments with respect to claims 1,12,17 and 23 have been 
considered but are moot in view of the new ground(s) of rejection. 



Claim Rejections - 35 USC § 101 

2. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 23-27 and 29-30 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. 

Claim 23 recites, "A system for generating a manifest comprising: a first parser 

that ; a first manifest generator ; a security component....". The claimed system 

direct to software per se, which do not show the physical transformation. Therefore, the 
claimed "system" would amount to computer programs, a type of functional descriptive 
material, per se. As such, the claimed system/apparatus must include the hardware 
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necessary to realize any of the functionality of the claimed modules and produce a 
useful, concrete and tangible result. Absent recitation of such hardware as part of the 
claimed apparatus, it is considered non-statutory. 

Claims 24-27, and 29-30 depend on claim 23 and also do not include any 
hardware necessary to realize any of the functionality of the claimed modules, therefore 
they are rejected with the same rationale applied against claim 23 above. 



Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



Claims 1.2. 6-10, 12-14, 17-21, 23-17, and 29-34 are rejected under 35 



U.S.C. 102(b) as being anticipated by England et al. (US 6.330.670 BP, hereinafter 



"England". 
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Regarding Claim 1, England discloses a method of generating a manifest that 
governs the execution of a software object, the method comprising: 

receiving a specification indicative of requirements for the execution of the 
software object, the specification referring to one or more components (see, Column 18, 
lines 39-54); 

generating a manifest (see, Column 9, lines 16-29, "right manager certificate") 
based on said specification, including accessing said one or more components, said 
manifest comprising one or more rules governing what may be loaded into for ensuring 
integrity of an address space that is used for execution of the software object (see, 
abstract and also Fig. 9), the one or more rules incorporating a list of acceptable and 
unacceptable modules, wherein the acceptable modules may be executed in the 
address space of the software object and the unacceptable modules are unconditionally 
barred from executed in the address space of the software object (see, Column 18, line 
55- Column 19, line 9). 

Regarding Claim 2, the rejection of claim 1 is incorporated and England further 
discloses wherein said specification identifies the acceptable and unacceptable 
modules, and wherein generating the manifest comprises including, in said manifest, 
the identities of the acceptable and unacceptable modules identified in the specification 
(see, Column 9, lines 16-29). 

Regarding Claim 6, the rejection of claim 2 is incorporated and England further 
discloses wherein said specification indicates whether said manifest will contain hashes 
for identifying the identifying the unacceptable modules (see, Column 12, lines 32-36). 
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Regarding Claim 7, the rejection of claim 1 is incorporated and England further 
discloses wherein at least one of said acceptable modules comprises a key, and 
wherein said specification indicates that the at least one of said acceptable modules 
signed with said key may be loaded into said address space (see, Column 10, lines 41- 
51) and wherein generating said manifest comprises: retrieving said key from a file 
identified in said specification; and including said key in said manifest (see Column 14, 
lines 58-67). 

Regarding Claim 8, the rejection of claim 1 is incorporated and England further 
discloses wherein generating said manifest comprises: 

Computing a hash of at least one of said unacceptable module and including said 
hash in said manifest (see, Column 12, lines 32-36). 

Regarding Claim 9, the rejection of claim 1 is incorporated and England further 
discloses wherein said generating act comprises: based on said specification, creating a 
data structure representative of said specification (see, Fig. 9); and generating said 
manifest based on said data structure (see, Column 9, lines 16-29). 

Regarding Claim 10, the rejection of claim 1 is incorporated and England further 
discloses receiving a key associated with a vendor or distributor of said software object; 
signing said manifest with said key to produce a digital signature; and including said 
digital signature in said manifest (see, Column 19, lines 7-9). 
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Regarding Claim 12, England discloses a computer-readable medium encoded 
with computer- executable instructions to perform a method of generating a manifest, 
the method comprising: 

parsing a specification of requirements to be included in the manifest, the 
requirements defining a policy configured to preclude loading of rouge module into an 
address space of a software object associated with the manifest (see, Column 9, lines 
16-29 and Column 18, lines 39-54); 

accessing one or more components that are identified by the specification and 
that are external to the specification (see, Column 9, lines 16-29); and 

generating a manifest based on at least one of the accessed objects (see, 
Column 9, lines 16-29, "right manager certificate"). 

Regarding Claim 13, the rejection of claim 12 is incorporated and England 
further discloses: 

including in said manifest an identification of said executable module and an 
indication that either: 

said executable module may be loaded into said address space; or said 
executable module may not be loaded into said address space (see, Column 18, line 
55- Column 19, line 9). 

Regarding Claim 14, the rejection of claim 12 is incorporated and England 
further discloses wherein said rouge module is operative to perform an unauthorized 
operation on the one or more components (see, Column 9, lines 16-29 and Column 18, 
lines 39-54). 
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Regarding Claim 17, England discloses a method of specifying constraints on 
the use of software comprising: 

creating a specification for explicitly limiting what may be loaded into an address 
space of the software, the specification referring to one or more components that are 
external to the software and external to the specification (see, Column 9, lines 16-29 
and Column 18, lines 39-54); 

using a manifest generation tool to generate a manifest based on the 
specification (see, Column 9, lines 16-29, "right manager certificate"), wherein the 
manifest generation tool does at least one of: 

including, in said manifest, data from one of said one or more components 

(see, Fig. 9 and also Column 9, lines 16-29); or 

computing a value based on one of said one or more components and 

including the computed value in said manifest (see, Fig. 9 and also Column 9, 

lines 16-29); and 

distributing the generated manifest with the software (see, Column 10, lines 14- 
24), wherein the manifest comprises rules explicitly limiting what may be loaded into the 
address space of the software, thereby ensuring a secure address space for executing 
the software (see, Column 10, lines 14-24 and Column 18, line 55 - Column 19, line 9). 

Regarding Claim 18, the rejection of claim 17 is incorporated and England 
further discloses wherein said one or more components comprises a module, wherein 
said specification indicates either that said module may be loaded into said address 
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space or that said module may not be loaded into said address space (see, Column 10, 
lines 14-24 and Column 18, line 55 - Column 19, line 9), and wherein said manifest 
generation tool does at least one of: 

including an identifier of said module in said manifest (see, Column 9, lines 11- 

29); or 

computing a hash of said module and including the hash in said manifest (see, 
Column 12, lines 32-36). 

Regarding Claim 19, the rejection of claim 17 is incorporated and the England 
further discloses wherein said one or more components comprise a key, wherein said 
specification indicates either that modules signed with said key may be loaded into said 
address space or that modules signed with said key may not be loaded into said 
address space (see, Column 10, lines 41-51), and wherein said manifest generation tool 
retrieves said key from a file identified in said specification, and includes a certificate for 
said key in said manifest (see Column 14, lines 58-67). 

Regarding Claim 20, the rejection of claim 17 is incorporated and England 
further discloses wherein said manifest generation tool creates an intermediate data 
structure representative of said specification (see, Fig. 9), and generates said manifest 
based on said intermediate data structure (see, Column 9, lines 16-29). 

Regarding Claim 21, the rejection of claim 17 is incorporated and England 
further discloses wherein receiving a key from further comprising: 



Application/Control Number: 10/658,149 Page 9 

Art Unit: 2435 

receiving a key associated with a vendor or distributor of the software; signing 
said manifest with said to produce a digital signature; and including said digital 
signature in said manifest (see, Column 19, lines 7-9). 

Regarding Claim 23, England discloses a system for generating a manifest 
comprising: 

a first parser that receives a manifest specification indicative of requirements for 
a manifest, the first parser generating a representation of said requirements, said 
requirements relating to what may be loaded into an address space of a software object 
(see, Column 9, lines 16-29 and Column 18, lines 39-54), said specification referring to 
one or more components external to said software and external to said specification 
(see, Column 9, lines 16-29); 

a first manifest generator that generates a manifest based on said representation 
and includes in said manifest information contained in, or computed based on, said one 
or more components (see, Column 9, lines 16-29, "right manager certificate"); and 

a security component (see, Column 8, lines 56-65, Column 9, lines 11-15, 
"DDMOS") that imposes a permeable barrier for selectively allowing acceptable 
modules to be loaded into the software space of the software object and blocking 
unacceptable modules from being loaded into the software space thereby preventing 
unauthorized tempering of the one or more components (see, Column 8, lines 56-65, 
Column 9, lines 11-15, "DDMOS"). 
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Regarding Claim 24, the rejection of claim 23 is incorporated and England 
further discloses wherein said one or more components comprise a module, and 
wherein said first manifest generator generates said manifest by including, in said 
manifest, a datum that identifies said module (see, Column 9, lines 16-29). 

Regarding Claim 25, the rejection of claim 24 is incorporated and England 
further discloses wherein said datum comprises a hash of said module (see, Column 
12, lines 32-36). 

Regarding Claim 26, the rejection of claim 23 is incorporated and England 
further discloses wherein said one or more components comprise a key, wherein said 
specification indicates either that acceptable modules signed with said key may be 
loaded into said address space or that unacceptable modules signed with said key may 
not be loaded into said address space (see, Column 10, lines 41-51), and wherein said 
first manifest generator retrieves said key from a file identified in said specification and 
includes said key in said manifest (see Column 14, lines 58-67). 

Regarding Claim 27, the rejection of claim 23 is incorporated and England 
further discloses wherein said first manifest generator generates a digital signature for 
said manifest by signing said manifest with a key associated with a vendor or distributor 
of said software object, and includes said digital signature in said manifest (see, Column 
19, lines 7-9). 

Regarding Claim 29, the rejection of claim 23 is incorporated and England 
further discloses a second parser that receives a manifest specification indicative of 
requirements for a manifest, the second parser generating a representation of said 
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requirements in the same format as said first parser (see, Column 18, line 55- Column 
19, line 1), wherein said first parser parses specifications in a first format and second 
parser parses specifications in a second format different from said first format, and 
wherein first manifest generator generates said manifest based on a representation 
produced either by said first parser or said second parser (see, Column 19, lines 45-53). 

Regarding Claim 30, the rejection of claim 23 is incorporated and England 
further discloses a second manifest generator that generates a manifest based on said 
representation, wherein said first manifest generator generates a manifest in a first 
format and second manifest generator generates a manifest in a second format different 
from said first format (see, Column 19, lines 54-61). 

Regarding Claim 31, the rejection of claim 1 is incorporated and England further 
discloses wherein at least one of the unacceptable modules is identified in the list by a 
version number (see, Column 9, lines 20-27). 

Regarding Claim 32, the rejection of claim 1 is incorporated and England further 
discloses wherein at least one of the unacceptable modules is identified in the list by a 
range of version numbers (see, Column 9, lines 20-27). 

Regarding Claim 33, the rejection of claim 12 is incorporated and England 
further discloses wherein the policy comprises an identity of an unacceptable module 
that is unconditionally barred from being executed in the address space of the software 
object (see, Column 9, lines 11-29). 
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Regarding Claim 34, the rejection of claim 33 is incorporated and England 
further discloses wherein the unacceptable module is identified in the policy by a hash 
identifier (see, Column 12, lines 32-36). 



Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1 1 and 22 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over England in view of Watanabe et al. (US 2002/01 08041 A1 ), hereinafter Watanabe. 

Regarding Claims 11 and 22, the rejections of claims 1 and 17 are incorporated 
and England discloses signing a manifest using the private key of the vendor or 
distributor (see, Column 19, lines 7-9). England does not explicitly discloses using 
hardware security module to sign manifest, said hardware security module being 
adapted to apply a key associated with a vendor or distributor of said software object 
without revealing said key outside said hardware security module. 

However, Watanabe, in the same field of endeavor of cryptography, discloses 
signing digital document with private key of the signing party without revealing private 
key outside hardware security module (Paragraph 0195, One of the approaches to 
solve the problems of security assurance and enhanced computing speed is the 
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use of a hardware security module (HSM) in holding the signature keys (or private 
keys) and executing signature processing.") 

Therefore, it would have been obvious at the time the invention was made to one 
of ordinary skill in the art to use in the system of England, during a creation of 
cryptographic envelopes, use a hardware security module, as taught by Watanabe to 
provider highly temper resistant and security for the private key of the vendor 
(Watanabe, Paragraph 0195) 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to YOGESH PALIWAL whose telephone number is 
(571 )270-1807. The examiner can normally be reached on M-F: 7:30 AM - 5:00 PM 
EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Y. P.I 

Examiner, Art Unit 2435 
/Kimyen Vu/ 

Supervisory Patent Examiner, Art Unit 2435 



